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Amendments to the Claims: 

This listing of claims reflects all claim amendments and replaces all prior 
versions, and listings, of claims in the application. Material to be inserted is in 
bold and underline , and material to be deleted is in strik e out and/or in [[double 
brackets]] if the deletion would be difficult to see. 

USTING OF CLAIMS: 

1 . (Previously presented) A method comprising: 

using a biometric generator to obtain a biometric signature of an individual; 

bonding the biometric signature to a data storage device; 

requiring the biometric signature of the individual to access a data record 
stored on the data storage device; 

controlling an access to the data storage device by using a data console, 
the data console being a secure input/output device; 

maintaining a credibility record associated with the data record; 

assigning a credibility coefficient to data in the data record based on an 
evaluation of the credibility record, wherein each piece of personal or confidential 
data entered in the data storage device is associated with a credibility weight 
based upon credibility coefficients assigned to the data record; 

using a metadata query to request a disclosure of the data record; and 

allowing the individual to control the disclosure of the data record. 

2. (Original) The method of claim 1 further comprising: 



Application Number 10/623,337 
Response Date December 10. 2007 
Amendment After Allowance 



Page 2 of 13 



PAGE 5/16 * RCVD AT 12/12/2007 7:10:41 PM [Eastern Standard Time] * SVR:USPTO-EFXRF-6/37 * DNIS:2732885 * CSID:503 459 4142 ^ DURATION (mm-ss):0246 



12/12/2007 17:18 FAX 503 459 4142 AHMRT 



* USPTO Issue Fee 0006/016 



generating an encryption key based on the biometric signature of the 
individual; and 

using the encryption key to encrypt the data record. 

3. (Original) The method of claim 1 further comprising: 

obtaining the biometric signature of a session operator, the session 
operator operating the biometric generator; and 

recording a session history in the credibility record. 

4. (Original) The method of claim 3 wherein the session history comprises: 

a unique identifier of the biometric generator; the biometric signature of the 
session operator; and 
a session time. 

5. (Original) The method of claim 3 further comprising preventing the 
session operator from operating the biometric generator when the biometric 
signature of the session operator does not match the biometric signature of an 
authorized operator, 

6. (Original) The method of claim 1 further comprising: 

obtaining the biometric signature of a console operator, the console 
operator being a person operating the data console; and 
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recording an access history in the credibility record. 

7. (Previously presented) The method of claim 6 wherein the access history 
comprises: 

a unique identifier of the data console; the biometric signature of the 
console operator; an access type; and 
an access time. 

8. (Original) The method of claim 6 further comprising: 

requiring the console operator to enter an authorization code prior to 
allowing the console operator to access the data record; 
preventing the console operator from accessing the data record when the 
console operator does not enter a proper authorization code: and 
storing the authorization code in the credibility record- 
s' (Original) The method of claim 1 wherein using a metadata query further 
comprises: 

evaluating of the data record without disclosing the data record to a 
querying party; and evaluating of the data record without disclosing the 
metadata query to the individual. 

10. (Original) The method of claim 1 wherein allowing the individual to control 
the disclosure of the data record further comprises: 
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allowing the individual to deny a specific data query; 

allowing the individual to deny the metadata query; 

allowing the individual to authorize the disclosure of the data record; and 

allowing the individual to authorize a partial disclosure of the data record. 

1 1 . (Original) The method of claim 1 further comprising recording a query 
history in the credibility record. 

12. (Original) The method of claim 1 1 wherein the query history comprises: 
a data query authorization code; 

an identification of the querying party; 

the unique identifier of the data console; 

the biometric signature of the console operator; and 

a query time. 

13. (Previously presented) The method of claim 1 further comprising; 
assigning a credibility coefficient to the data record based on an evaluation 

of the credibility record; 

changing the credibility coefficient when an element in the credibility 
record is compromised; and 

sending a broadcast notice associated with a change in the credibility 
coefficient. 
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14. (Previously presented) An apparatus for private information access rights 
management comprising: 

a biometric generator to analyze a unique biological characteristic of an 
individual and to generate a biometric signature for the individual wherein the 
biometric signature is reliably replicable; 

a data storage device to store a data record wherein the data record 
belongs to the individual and the data storage device is locked by the biometric 
signature; 

a credibility record associated with the data record, wherein each piece of 
personal or other confidential data entered in the data storage device is 
associated with a credibility weight based upon credibility coefficients assigned to 
data in the data record; and 

a data console to control an access to the data record wherein the data 
console is a secure data input/output device and the access comprises one of a 
data query and a data entry. 

15. (Previously presented) The apparatus of claim 14 further comprising a 
biometric generator authorization procedure. 

16. (Previously presented) The apparatus of claim 15 further comprising a 
biometric signature match for an operator of the biometric generator. 
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17. (Original) The apparatus of claim 14 further comprising a data console 
authorization procedure. 

1 8. (Original) The apparatus of claim 1 7 further comprising an authorization 
code. 

1 9. (Original) The apparatus of claim 14 further comprising an authorization to 
disclose the data record wherein the individual controls the authorization to 
disclose the data record. 

20. (Cancelled) 

21 . (Previously presented) The apparatus of claim 14 wherein the credibility 
record comprises a session credibility coefficient 

22. (Previously presented) The apparatus of claim 14 wherein the credibility 
record comprises a biometric operator credibility coefficient. 

23. (Previously presented) The apparatus of claim 14 wherein the credibility 
record comprises an access credibility coefficient. 

24. (Previously presented) The apparatus of claim 14 wherein the credibility 
record comprises a data console operator credibility coefficient 
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25, (Currently amended) An article of manufacture comprising: a machine- 
accessible medium including content that, when accessed by a machine, causes 
the machine to: 

generate a biometric signature of an individual; 

bond the biometric signature to a data storage device; 

require the biometric signature of the individual to access a data record 
stored on rftilel lthed ata storage device; 

control an access to the data storage device by a data console, wherein 
the data console is a secure input/output device; 

maintain a credibility record associated with the data record; 

assign a credibility coefficient to data in the date record base on an 
evaluation of the credibility record, wherein each piece of personal or other 
confidential date entered in the data storage device is associated with a 
credibility weight based upon credibility coefficients assigned to the data record; 

use ametadata query to request a disclosure of the data record; and 

allow the individual to control the disclosure of the data record. 
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26. (Original) The article of manufacture of claim 25 further comprising: a 
machine-accessible medium including content that, when accessed by a 
machine, causes the machine to: generate an encryption key based on the 
biometric signature of the individual; and use the encryption key to 
encrypt the data record, 

27. (Original) The article of manufacture of claim 25 further comprising: a 
machine-accessible medium including content that, when accessed by a 
machine, causes the machine to: 

generate the biometric signature of a session operator, wherein the 
session operator operates the biometric generator; and 

record a session history in the credibility record. v 

28. (Original) The content of the machine-accessible medium of the article of 
manufacture of claim 27 wherein the session history comprises: a unique 
identifier of the biometric generator; the biometric signature of the session 
operator; and a session time. 

29. (Original) The article of manufacture of claim 27 further comprising: a 
machine-accessible medium including content that, when accessed by a 
machine, causes the machine to prevent an operation of the biometric generator 
by the session operator when the biometric signature of the session operator 
does not match the biometric signature of an authorized operator. 
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30. (Original) The article of manufacture of claim 25 further comprising: a 
machine-accessible medium including content that, when accessed by a 
machine, causes the machine to: 

generate the biometric signature of a console operator, wherein the 
console operator operates the data console; and 

record an access history in the credibility record. 

31 . (Original) The content of the machine-accessible medium of the article of 
manufacture of claim 30 wherein the access history comprises: 

an unique identifier of the data console; the biometric signature of the 
console operator; an access type; and 
an access time. 

32. (Original) The article of manufacture of claim 30 further comprising: a 
machine-accessible medium including content that, when accessed by a 
machine, causes the machine to: 

require the console operator to enter an authorization code to access the 
data record; 

prevent an access of the data record when the console operator does not 
enter a proper authorization code; and 

store the authorization code in the credibility record. 
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33. (Original) The article of manufacture of claim 25 further comprising: a 
machine-accessible medium including content that, when accessed by a 
machine, causes the machine to: 

perform an evaluation the data record wherein the data record is not 
disclosed to a querying party; 

and perform an evaluation of the data record wherein the metadata query 
is not disclosed to the individual. 

34. (Original) The article of manufacture of claim 25 further comprising: a 
machine-accessible medium including content that, when accessed by a 
machine, causes ttie machine to: 

allow the individual to deny a specific data query; 

allow the individual to deny the metadata query; 

allow the individual to authorize the disclosure of the data record; 

and allow the individual to authorize a partial disclosure of the data record. 

35. (Original) The article of manufacture of claim 25 further comprising: a 
machine-accessible medium including content that, when accessed by a 
machine, causes the machine to record a query history in the credibility record. 

36. (Original) The content of the machine-accessible medium of the article of 
manufacture of claim 35 wherein the query history comprises: 

a data query authorization code; 
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an identification of the querying party; 

the unique identifier of the data console; 

the biometric signature of the console operator; and 

a query time. 

37. (Previously presented) The article of manufacture of claim 25 further 
comprising: a machine-accessible medium including content that P when 
accessed by a machine, causes the machine to: 

assign a credibility coefficient to the data record based on an evaluation of 
the credibility record; 

change the credibility coefficient when an element in the credibility record 
is compromised; and 

send a broadcast notice associated with a change in the credibility 
coefficient. 
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